If you’re onboarding new employees, you can expect criminals to spear phish those employees soon after they start. According to a recent BW Cyber, LLC survey, there is greater than a 50% chance you’ll have a new employee targeted for some type of malicious phishing scam within their first week on the job. All it takes is for the employee to update their LinkedIn status. It’s that simple.
Any type of company or LinkedIn post as well as the personal social media posts by your new interns will almost certainly invite cybercriminal attention. Your best defense is to ensure all your new employees are provided cybersecurity education on DAY 1 on the types of phishing and spear-phishing attacks that will be coming their way. Most notably, make them aware that any type of executive request – especially for gift cards – should be a red flag. Also, make sure they know that they must NEVER provide any company login credentials in response to an e-mail request – no matter how legitimate the request may appear. Ultimately, they should be trained that “When in doubt of any type of e-mail – always pick up the phone and call your manager!”
For more information on how BW Cyber, LLC can assist you, please contact us at firstname.lastname@example.org.